?GetHpcdeLicenseInformation@@YAPBDXZ
Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-20_7bee057419a6af9a1b09ac8f9c91b414_icedid.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2024-04-20_7bee057419a6af9a1b09ac8f9c91b414_icedid.exe
Resource: win10v2004-20240412-en
General
Target: 2024-04-20_7bee057419a6af9a1b09ac8f9c91b414_icedid
Size: 5.0MB
MD5: 7bee057419a6af9a1b09ac8f9c91b414
SHA1: 8e29190f858e081c7d1620752ce00fded58c9e3a
SHA256: cf6f08ef3e394fa0e9d1c3d37a1ffbef3ea70eb2a5087800fce51002de12acf6
SHA512: 3de937f1a247ab883d7c1234687f576a2ef4c48e41599b5d1b798d28ddf0ab06a0c5bc89ca8d11499adeac31dd5b92745cf063b8bd693df8d59803813cb30816
SSDEEP: 98304:kxmuscmmmzqtjXtbzeN/r1xbOUKh2U+wXA21AprS/TV6QEWirS/TV6QE:kTCHzqtXBkr1xiUKh2ySrS2rS
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-04-20_7bee057419a6af9a1b09ac8f9c91b414_icedid
Files
2024-04-20_7bee057419a6af9a1b09ac8f9c91b414_icedid.exe windows:4 windows x86 arch:x86
5e65e818a3e9ef1b2c7fe6fe457fe6e7
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegEnumValueA
RegCreateKeyExA
RegEnumKeyA
RegQueryValueExA
RegQueryInfoKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegDeleteKeyA
RegEnumKeyExA
AllocateAndInitializeSid
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
IsValidSid
LookupAccountNameA
FreeSid
LookupAccountSidA
CryptReleaseContext
CryptDestroyKey
CryptGenKey
CryptGetUserKey
CryptAcquireContextA
CryptDestroyHash
CryptEncrypt
CryptDeriveKey
CryptHashData
CryptCreateHash
CryptDecrypt
RegSaveKeyA
RegLoadKeyA
RegUnLoadKeyA
RegReplaceKeyA
OpenSCManagerA
CloseServiceHandle
CreateServiceA
StartServiceA
OpenServiceA
ControlService
DeleteService
ChangeServiceConfigA
QueryServiceStatus
GetUserNameA
RegConnectRegistryA
EnumDependentServicesA
EnumServicesStatusA
RegGetKeySecurity
RegOpenKeyA
RegSetKeySecurity
GetTokenInformation
RegFlushKey
RegSetValueA
RegCreateKeyA
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
rpcrt4
UuidToStringA
mpr
WNetAddConnection2A
WNetCancelConnectionA
wininet
InternetConnectA
InternetOpenA
InternetCloseHandle
InternetGetLastResponseInfoA
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
comctl32
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ord17
CreatePropertySheetPageA
DestroyPropertySheetPage
PropertySheetA
ImageList_Read
ImageList_Draw
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_AddMasked
ImageList_Replace
ImageList_Add
kernel32
GetFileInformationByHandle
DosDateTimeToFileTime
GlobalMemoryStatus
InterlockedIncrement
InterlockedDecrement
DebugBreak
IsBadReadPtr
IsBadWritePtr
CreateEventA
SetEvent
ResetEvent
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTime
GetLocalTime
_lclose
_lopen
_lread
_llseek
_lcreat
_lwrite
lstrcpyA
FileTimeToDosDateTime
GlobalGetAtomNameA
lstrcatA
DuplicateHandle
LockFile
UnlockFile
GetFullPathNameA
GetThreadLocale
SuspendThread
lstrlenW
GlobalFlags
GetProcessVersion
TlsAlloc
GlobalHandle
TlsFree
TlsSetValue
LocalReAlloc
TlsGetValue
GetCPInfo
GetOEMCP
SetErrorMode
FindResourceExA
lstrcpyW
RtlUnwind
RaiseException
HeapFree
HeapAlloc
GetTimeZoneInformation
ExitProcess
GetStartupInfoA
GetCommandLineA
HeapReAlloc
SetStdHandle
GetFileType
ExitThread
GetACP
HeapSize
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
LCMapStringA
LCMapStringW
SetHandleCount
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
IsBadCodePtr
CompareStringW
TerminateProcess
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetEnvironmentStrings
FreeEnvironmentStringsA
GetSystemInfo
GetSystemDefaultLangID
GetUserDefaultLangID
LocalAlloc
GetProfileStringA
InterlockedExchange
DeleteFileA
CloseHandle
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileAttributesA
GetLastError
WriteFile
LockResource
LoadResource
SizeofResource
FindResourceA
CreateFileA
GetVersionExA
GetSystemDirectoryA
GetFileAttributesA
GetProcAddress
LoadLibraryA
FreeLibrary
GetPrivateProfileStringA
WritePrivateProfileStringA
CopyFileA
GetTempFileNameA
GetTempPathA
MulDiv
OutputDebugStringA
GetComputerNameA
GetCurrentProcess
lstrcpynA
SetComputerNameA
SetLastError
GetModuleHandleA
GetSystemPowerStatus
lstrlenA
TerminateThread
GetEnvironmentVariableA
GetStdHandle
OpenProcess
GetPrivateProfileIntA
Beep
GetCurrentDirectoryA
SetCurrentDirectoryA
CreateThread
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
ResumeThread
SetEnvironmentVariableA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetCurrentThreadId
GetSystemTimeAsFileTime
Sleep
lstrcmpiA
GetLogicalDrives
DeviceIoControl
WinExec
GetLogicalDriveStringsA
GetFileTime
GlobalLock
GlobalUnlock
ReadFile
FlushFileBuffers
SetFilePointer
SetEndOfFile
MoveFileA
GetDriveTypeA
GetVolumeInformationA
GlobalSize
GlobalAlloc
GlobalReAlloc
GlobalFree
GetCurrentThread
GetThreadPriority
SetThreadPriority
CreateProcessA
GetExitCodeProcess
GetVersion
GetModuleFileNameA
GetNumberFormatA
GetLocaleInfoA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDateFormatA
GetTimeFormatA
CompareStringA
FormatMessageA
LocalFree
GetTickCount
GetShortPathNameA
WideCharToMultiByte
MultiByteToWideChar
ExpandEnvironmentStringsA
SearchPathA
MoveFileExA
GetDiskFreeSpaceA
CreateDirectoryA
lstrcmpA
FindNextFileA
RemoveDirectoryA
FindFirstFileA
FindClose
GetWindowsDirectoryA
CompareFileTime
GetFileSize
WaitForSingleObject
user32
CharUpperA
WindowFromPoint
ValidateRect
GetMessageA
SetCursorPos
DestroyCursor
ShowOwnedPopups
SetWindowContextHelpId
IsClipboardFormatAvailable
CountClipboardFormats
MessageBeep
GetSysColorBrush
GetDCEx
LockWindowUpdate
GetNextDlgGroupItem
RegisterClipboardFormatA
PostThreadMessageA
GetScrollPos
SetScrollPos
GetTopWindow
TrackPopupMenu
GetWindowTextLengthA
GetWindowTextA
GetClassLongA
GetMessageTime
GetWindowPlacement
UnpackDDElParam
ReuseDDElParam
SetFocus
ShowWindow
GetWindow
LoadAcceleratorsA
DefMDIChildProcA
TranslateAcceleratorA
TranslateMDISysAccel
DefFrameProcA
AdjustWindowRectEx
GetCapture
GetForegroundWindow
GetLastActivePopup
GetNextDlgTabItem
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
BeginDeferWindowPos
EndDeferWindowPos
GetDlgCtrlID
EqualRect
CharToOemA
RegisterClassA
CreateWindowExA
DestroyWindow
UnregisterClassA
CharNextA
wvsprintfA
IsIconic
GetDC
SetRectEmpty
GetAsyncKeyState
GetWindowThreadProcessId
SetParent
BringWindowToTop
FindWindowA
GetCursor
EndPaint
MessageBoxExA
SetMenu
DrawMenuBar
CallNextHookEx
GetClassNameA
GetWindowLongA
SetPropA
CallWindowProcA
GetPropA
RemovePropA
UnhookWindowsHookEx
SetWindowsHookExA
SetWindowLongA
DeleteMenu
RemoveMenu
SetWindowPos
GetMenuState
LoadMenuA
SendDlgItemMessageA
InsertMenuA
AppendMenuA
ModifyMenuA
GetMenuDefaultItem
DrawEdge
GrayStringA
DrawTextA
TabbedTextOutA
GetMessagePos
DrawStateA
GetMenuItemCount
GetSubMenu
GetMenuItemID
CopyAcceleratorTableA
MapVirtualKeyA
GetKeyNameTextA
CopyImage
GetMenuItemRect
GetMenuItemInfoA
SystemParametersInfoA
IsMenu
GetWindowDC
ReleaseDC
CreatePopupMenu
InvertRect
GetClassInfoA
DefWindowProcA
IntersectRect
IsRectEmpty
RedrawWindow
IsWindow
LoadStringA
GetDlgItem
SetWindowTextA
GetKeyState
IsWindowVisible
SetTimer
SetForegroundWindow
MessageBoxA
WinHelpA
LoadIconA
GetDesktopWindow
FillRect
MapDialogRect
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
BeginPaint
GetMenuCheckMarkDimensions
GetSystemMenu
DestroyMenu
GetMenu
KillTimer
SendMessageA
GetCursorPos
MenuItemFromPoint
IsChild
GetFocus
OffsetRect
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
MoveWindow
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
CheckRadioButton
SetActiveWindow
CopyRect
SetRect
GetClientRect
GetSystemMetrics
PostMessageA
IsWindowEnabled
ClientToScreen
SetCursor
LoadCursorA
PtInRect
ScreenToClient
EnableWindow
RegisterWindowMessageA
DrawFocusRect
FrameRect
InflateRect
DrawIconEx
DestroyIcon
LoadImageA
LoadBitmapA
GetParent
UpdateWindow
ReleaseCapture
SetCapture
GetWindowRect
InvalidateRect
ExitWindowsEx
PostQuitMessage
PeekMessageA
wsprintfA
DispatchMessageA
TranslateMessage
CharUpperBuffA
CharLowerBuffA
GetSysColor
GetIconInfo
CreateIconIndirect
WindowFromDC
MapWindowPoints
GetMenuStringA
DeferWindowPos
gdi32
DeleteObject
DeleteDC
GetDIBits
RealizePalette
SelectPalette
SelectObject
CreateCompatibleDC
GetStockObject
SetDIBits
CreateDIBSection
GetCharABCWidthsA
BitBlt
CreateCompatibleBitmap
GetCurrentPositionEx
GetTextAlign
RoundRect
GetDeviceCaps
CreateSolidBrush
SetPixel
GetPixel
CreateHalftonePalette
StretchBlt
SetPixelV
GetCurrentObject
GetNearestColor
Rectangle
PtVisible
RectVisible
SetBrushOrgEx
UnrealizeObject
TextOutA
ExtTextOutA
Escape
CreateRectRgnIndirect
CombineRgn
CreateRectRgn
SelectClipRgn
AddFontResourceA
DPtoLP
FillRgn
CreatePolygonRgn
Ellipse
PatBlt
GetClipBox
SetTextColor
SetBkColor
SaveDC
RestoreDC
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
SetTextCharacterExtra
ExtSelectClipRgn
GetViewportExtEx
GetWindowExtEx
GetMapMode
SetRectRgn
CreateDCA
CopyMetaFileA
EnumFontFamiliesExA
LPtoDP
CreateBitmap
CreatePatternBrush
GetTextColor
GetBkColor
GetTextMetricsA
GetTextExtentPointA
CreateDIBitmap
GetTextExtentPoint32A
GetObjectA
CreatePen
CreateFontIndirectA
comdlg32
ChooseFontA
FindTextA
GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA
ReplaceTextA
winspool.drv
ClosePrinter
GetPrinterDriverDirectoryA
GetPrinterDriverA
OpenPrinterA
EnumPrintersA
DocumentPropertiesA
shell32
DragFinish
ShellExecuteExA
DragQueryFileA
Shell_NotifyIconA
DuplicateIcon
DragAcceptFiles
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
SHGetFileInfoA
oledlg
ord11
ord8
ord3
ord4
ole32
CoCreateInstance
OleLockRunning
CoInitialize
StgOpenStorage
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CLSIDFromProgID
CLSIDFromString
OleRun
ReleaseStgMedium
CoTaskMemFree
OleRegGetUserType
CoDisconnectObject
CoTaskMemAlloc
OleDuplicateData
CreateBindCtx
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
ReadFmtUserTypeStg
ReadClassStg
StringFromCLSID
CoTreatAsClass
CoGetClassObject
StgOpenStorageOnILockBytes
CreateFileMoniker
CoRevokeClassObject
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
OleSetMenuDescriptor
OleGetClipboard
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CreateGenericComposite
CreateItemMoniker
OleSaveToStream
WriteClassStm
OleGetIconOfClass
GetHGlobalFromILockBytes
OleSave
OleLoad
OleCreate
OleCreateLinkToFile
OleCreateFromFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleSetContainedObject
CoUninitialize
olepro32
ord251
ord253
oleaut32
VariantCopy
SysAllocStringByteLen
VarDateFromStr
VariantChangeType
SysAllocStringLen
SysStringLen
SysAllocString
SysFreeString
LoadTypeLi
VariantInit
SafeArrayAccessData
VariantTimeToSystemTime
VariantClear
wsock32
htonl
ntohs
recvfrom
sendto
ioctlsocket
socket
inet_addr
inet_ntoa
closesocket
htons
WSAGetLastError
bind
setsockopt
WSACleanup
WSAStartup
gethostname
gethostbyname
Exports
Sections
.text Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 328KB - Virtual size: 325KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 160KB - Virtual size: 269KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ